| Age | Commit message (Collapse) | Author | Files |
|---|
|
The Makefile checks for zip during installation
[YOCTO #6699]
(From OE-Core rev: a6e8ced3fa8e8e2aa3df0798b80eb26e5ebc4b15)
(Backport to older version 20130503)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277
See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
(From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae)
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
Follow up bash42-049 to parse properly function definitions in the
values of environment variables, to not allow remote attackers to
execute arbitrary code or to cause a denial of service.
See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
(From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa)
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187
(From OE-Core daisy rev: 153d1125659df9e5c09e35a58bd51be184cb13c1)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment
This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.
(From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
The bash_4.2 recipe was missed when the fix was backported to the dora
branch.
Patch from OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc
by Khem Raj <raj.khem@gmail.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The bash_4.2 recipe was missed when the fix was backported to the dora
branch.
Patch based on the one from OE-Core master rev
798d833c9d4bd9ab287fa86b85b4d5f128170ed3 by Ross Burton
<ross.burton@intel.com>, with the content replaced from the
appropriate upstream patch.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix
code execution via specially-crafted environment
Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed
(From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
CVE-2014-6271 aka ShellShock.
"GNU Bash through 4.3 processes trailing strings after function definitions in
the values of environment variables, which allows remote attackers to execute
arbitrary code via a crafted environment."
(From OE-Core master rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
== is a bashism use = instead.
(Based on OE-Core master rev: c90d1047c41148cbd57f26b5a34563346602a71b)
Signed-off-by: Stefan Stanacar <stefanx.stanacar@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core master rev: 1d6caef7222d0c1086a08a109ea4135a388c88e6)
Signed-off-by: Krzysztof Sywula <krzysztof.m.sywula@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
(From OE-Core master rev: fb9b12121f97f59d92ec2b8fdbe0e68f336f0576)
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
xinetd does not enforce the user and group configuration directives
for TCPMUX services, which causes these services to be run as root
and makes it easier for remote attackers to gain privileges by
leveraging another vulnerability in a service.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342
the patch come from:
https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff
(From OE-Core master rev: c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
* ltp installs 2 different runtests_noltp.sh files from different
directories into /opt/ltp/testcases/bin/runtests_noltp.sh
last one installed wins and causes unexpected changes in
buildhistory's files-in-image.txt report, rename them to have
unique name as other ltp scripts have.
* also define PREFERRED_PROVIDER to resolve note shown when
building with meta-oe layer:
NOTE: multiple providers are available for ltp (ltp, ltp-ddt)
NOTE: consider defining a PREFERRED_PROVIDER entry to match ltp
* use patch generated without -M
in my builds both versions worked, but Saul reported that it fails to
apply with:
Applying patch
0001-Rename-runtests_noltp.sh-script-so-have-unique-name.patch
patch: **** Only garbage was found in the patch input.
Now I've see the same issue on different builder (with Ubuntu 12.04).
(From OE-Core master rev: ec3bb2c2203b2e8bafc1a631f623f858779e20b7)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
buildtest-TESTS is a phony target and does nothing which results in a
do_install error since the tests aren't built. Since there isn't
a suitable make target but the number of tests are small, hardcode
the two to build to unbreak the build when ptest is enabled.
(From OE-Core master rev: 5dd8653fdcda5e0e8b4f3c37a46f357bc97ec66c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
*PPC64 uses long long for u64 in the kernel, but powerpc's asm/types.h
prevents 64-bit userland from seeing this definition, instead defaulting
to u64 == long in userspace.
*fix the below error
|super-ddf.c:4542:5: error: format '%llu' expects argument of type 'long long unsigned int',
|but argument 5 has type '__u64' [-Werror=format=]
|dprintf("BVD %u has %08x at %llu\n", 0,
(From OE-Core master rev: d3caab6eb03264b4f4d744f914598022299011ba)
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
This check was looking for /run/mdadm on the host system, this check is optional so disable it.
[YOCTO #5447]
(From OE-Core master rev: d62882794890eeee8e8d5c9ba4837ec77a58d787)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Allow the user to provide additional packages to this image.
This lets core-image-basic behave like all other core-image*
recipes (which do support CORE_IMAGE_EXTRA_INSTALL), as well
as match the documentation which suggests this as the mode to
extend any core-image* image.
v2 - drop redundant setting of CORE_IMAGE_EXTRA_INSTALL
(From OE-Core master rev: 5faabf398819d40b55c46bc83ae03942d115024b)
Signed-off-by: Gary Thomas <gary@mlbassoc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
When using the tar executable in the buildtools, tar will execute
gzip. If this happens before zlib-native is built, then the gzip
on the host will be used and can fail if the libz in the buildtools
is not compatible. Adding pigz to the build tools avoids this host
contamination.
(From OE-Core master rev: af6424e8c2bf3a938fddabc669c0956d68964ed0)
Signed-off-by: Konrad Scherer <Konrad.Scherer@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
(From OE-Core master rev: 89d7d46947d9bb8c7bf568c65e52d5bbe159027f)
Signed-off-by: Konrad Scherer <Konrad.Scherer@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
this init script fails when the default shell is busybox sh. This
is because busybox sh doesn't set the UID. No other init scripts
in oecore feel the need to check the UID so just remove the check.
(From OE-Core master rev: dd6a45536043af34c05a699e468cef4845f7affd)
Signed-off-by: Jack Mitchell <jmitchell@cbnl.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Buffer used for copying a "%c" character was getting
out of scope when it was required by the sprintf operation.
[YOCTO #5272]
Signed-off-by: Marius Avram <marius.avram@intel.com>
Signed-off-by: Irina Patru <irina.patru@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a second in a series of patches to enable
offline rootfs creation from a package repository.
Some postinstall cmds are Yocto specific and needed to create a
rootfs with pre and post install hooks successfully run,
using only the toolchain tarball + a package repo.
End goal is to create a sandbox where users of a Yocto
based distribution can customize a rootfs from a package feed
with their package manager of choice.
With this patch, I can successfully create packagegroup-core-boot
with only the toolchain tarball(OPKG). More fixes for a few postinstall
hooks outside of packagegroup-core-boot will come next.
Signed-off-by: David Nyström <david.nystrom@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The po.m4 file is deleted by the more recent autotools.bbclass
autotools_do_configure code which handles gettext. There is therefore
no point in patching the file anymore.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The po.m4 file is deleted by the more recent autotools.bbclass
autotools_do_configure code which handles gettext. There is therefore
no point in patching the file anymore.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since we dont use prelude in OE, we just disable autodetection of
prelude in the libpam configuration.
Seems like an old bug:
http://lists.openembedded.org/pipermail/openembedded-devel/2012-March/083804.html
Signed-off-by: David Nyström <david.nystrom@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
So that sysvinit images don't warn on every login only add it to common-session
if systemd is a DISTRO_FEATURE.
[ YOCTO #3805 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[YOCTO #5212]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In busybox, util-linux and shadow, su has been moved to /usr/bin/,
but lsb cmdchk needs su in /bin.
Move su to /bin could fix this issue.
[YOCTO#5175]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The libqt-mt is tested by lsb-dist-checker and lsb-test-desktop,
and it locates in meta-qt3 layer.
So if meta-qt3 is not added, there should be a warning to call
attention; if added, it will add libqt-mt to RDEPENDS.
[YOCTO #5153]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The install_initd and remove_initd are linked to /sbin/chkconfig for lsb
core test, but chkconfig has been moved from /sbin to /usr/sbin in order
to fix QA warning about unsafe references in binaries.
(In commit e486242db83297701803866bea971a2f1a1135fe)
Let install_initd and remove_initd link to /usr/sbin/chkconfig could fix
this issue.
[YOCTO #5152]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The whiptail package is written by the libnewt recipe so for the python version
we need to ensure its not in PACKAGES.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Remove dependency on meta-systemd
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Remove dependency on meta-systemd
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These links were moved to the lsb package because lsbsetup was to be
removed. Subsequently an earlier patch that moved them to chkconfig was
also merged. This results in duplicate installations that generate a
warning when building core-image-lsb under DISTRO=poky-lsb which enables the
linuxstdbase feature.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The sysklogd package hasn't got systemd support yet. So in case of
a systemd based system, the commands and corresponding configuration
files should have a lower priority than that of the busybox's syslogd
and klogd utilities. These two utilities from busybox have internal
systemd support if CONFIG_FEATURE_SYSTEMD is enabled. And that config
item is enabled by default.
[YOCTO #5066]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To support the building of recent kernels in minimal environments, we should
provide bc-native.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We do not want libpam to build using audit just
because it happens to be lying around, so we
create PACKAGECONFIG[] data to give us explicit
control.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
We add PACKAGECONFIG[] data for audit and move
the current pam related stuff into it's own entry.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
After stat -h is executed, the return code is 1.
This patch changes it to 0.
Signed-off-by: Zhangle Yang <zhangle.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
xprop is called by xdg-utils scripts.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When run 'bc -l', it segmentation faults. Apply patch from BLFS to fix it.
Ref:
http://www.mail-archive.com/blfs-support@linuxfromscratch.org/msg04601.html
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Patch needed only with automake-1.13 no longer worked as expected
after texinfo has been updated to version 5.1.
Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Backport a Debian patch to fix the reading of the
gshadow file in order to make newgrp work correctly.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
[sgw - tweaked commit message]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
